Hi @Inderpreet ,
I was assigned a task to configure autosign cert for nodes.
The task never said to configure it using ‘dns_alt_name’.
I successfully created the autosign and verified that its signed. But still the task failed with the below msg.
it seems like 'autosign' config file under '/etc/puppetlabs/puppet' is not configured properly as per 'dns_alt_name' on puppet master i.e Jump Server
I used the below autosign.conf
$ cat /etc/puppetlabs/puppet/autosign.conf
stapp01.stratos.xfusioncorp.com
stapp02.stratos.xfusioncorp.com
stapp03.stratos.xfusioncorp.com
Can you please recheck the question and confirm where in the question was it clear to use dns_alt_name?
If it’s a technical glitch then take a look at my task too. @Ayman
The task text seems to be truncated to me.
What was supposed to be after “All hosts are having”?
The task text seems to be truncated to me.
Agreed; looks like there was some text missing from the task directions.
@Inderpreet
I had similar problem with this task.
@Inderpreet same issue for me
Thanks for reporting this guys, this question have been modified to fix issues. This task has been marked Pending
for all users so you can give it an another try.
1 Like
Failed again with the below error …
Task Status - Failed
Make sure puppet has signed certificates for ‘master’ node as well as for all ‘agent’ nodes
Can someone help me understand what did I missed to get the task failed?
@kleansoul and @b.kamal , did you create a autosign.conf file?
Yes, as shown in the picture
Seems like master node i.e jump_host entry is missing in your autosign.conf which failed the task.
Thanks… Its worked for me.
@Inderpreet Please check my screenshot the jump_host entry is correct and visible. Still the task failed.
What he did mistake then @balu.networks7 ?
@Inderpreet
I’m able to generate certificates for stapp01 and stapp02 but for stapp03 it keeps on giving me following error:
Error: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com ’ does not match its private key
Error: Could not run: The certificate for ‘CN=stapp03.stratos.xfusioncorp.com ’ does not match its private key
Any idea why?
This message i got :-- “Make sure puppet has signed certificates for ‘master’ node as well as for all ‘agent’ nodes”
@Ayman I guess i did config correctly and entry as well. Can you tell me what is the issue? something i missed? or validation check error?
I faced when i run from non sudo users. i mean to say without use sudo.
This is what I did:
Added /etc/puppetlabs/puppet/autosign.conf
jump_host.stratos.xfusioncorp.com
stapp01.stratos.xfusioncorp.com
stapp02.stratos.xfusioncorp.com
stapp03.stratos.xfusioncorp.com
And /etc/puppetlabs/puppet/puppet.conf:
[master]
dns_alt_names = jump_host.stratos.xfusioncorp.com,puppet
[main]
certname = jump_host.stratos.xfusioncorp.com
server = puppet
runinterval = 1h
strict_variables = true
In clients for example:
certname = stapp01.stratos.xfusioncorp.com
server = puppet
runinterval = 1h
Added Hosts entries on Master and all Agents
Salim
June 15, 2020, 4:48am
#20
@Inderpreet @kleansoul The task has been marked failed for me with the same message “Make sure puppet has signed certificates for ‘master’ node as well as for all ‘agent’ nodes”.
I have autosign.conf in the location /etc/puppetlabs/puppet/autosign.conf.
I added a line “*.stratos.xfusioncorp.com” to auto-assign the SSL certificate for any host from the domain xfusioncorp.com as instructed.
Please check.
Thanks.
Cheers,
Salim